Military cybersecurity operations are shifting to a digital battlefield, where tools and technology work to save lives and increase efficiency. With these advancements comes the increased need for resilient measures to meet the needs of soldiers, leadership, and civilians alike.
A ransomware attack rocked the U.S. Marshals Service in February 2023, compromising critical state data on everything from top-secret operations, to internal administrative information. A new strategy from the Biden administration, along with other advancements in technical architecture, is aimed at helping the U.S. to revamp its approach to security in compelling ways.
The Treacherous Landscape of Military Cybersecurity
Military cybersecurity is critical for several reasons, including sharing key information. Soldiers rely on rapid response times and messaging between their fellow troops and commanding officers. This becomes heightened in a combat zone. Catastrophes could result from unreliable connections that cut-out or never reach the recipient.
Joint operations involve coordinating naval, air, and ground forces. Leadership and technology interaction requires all teams to be highly synchronized and tightly orchestrated. Reliable messaging ensures the right people receive their commands.
Even in the most innocent circumstances, unsecured devices and messages over public phone networks have led to tactical downfalls. Ukrainian forces recently intercepted a phone call between a Russian soldier and his family, which gave Ukrainian forces a critical insight into morale and the state of their opposition.
Proper cybersecurity could mean life or death as well. 9 Line is the military help line for emergencies and injuries, and soldiers may not receive the necessary medical aid without timely and reliable communication.
Revamping military cybersecurity means more rugged and resilient hardware. Troops often traverse extreme terrains, from blistering desert heat, to freezing snow. Hardware needs to be lightweight enough to carry, but tough enough to withstand these conditions, as well as the jarring events of combat. New wearable technology captures speech, vision, location, and data to send to headquarters and fellow tactical teams, and its reliability is crucial to ensure the safety of soldiers and missions.
Upgrades and Updates
How is the U.S. government addressing these critical needs in cybersecurity for future operations? In March, President Biden released a strategy to expand security requirements and extend a more aggressive response to cyberattacks.
1. Hardware and Software
One of these strategic points was imposing legal liability on software manufacturers. The onus is on these companies to promise cybersecurity safeguards instead of military groups reeling after a malfunction or attack.
On the hardware side, the U.S. is seeking more customized and rugged equipment to withstand extreme conditions and ensure safety standards. For example, an operation may need a rack-mount to hold various modules, servers, routers and switches. However, they would need a tougher version to withstand conditions, from heavy combat, to sand, water, and dust.
A third-party vendor would be required to make these customizations in hardware, but moving operations outside government facilities may open up room for breaches or unmonitored policies. Instead, the government seeks compliant vendors and partners who readily provide all documentation, like conformance certifications, security applications, and internal information, to make these key customizations.
The continued integration of IoT technologies into daily operations is another cause for security concerns. These devices can collect data on the terrain and integrity of machinery. Unsecured connections and gaps in software leave Industrial IoT (IIoT) devices and their wealth of information vulnerable to malicious actors. The government plans to fortify defenses with multifactor authentication and similar compliance requirements with vendors and manufacturers.
2. Zero Trust Architecture
A zero trust architecture ensures that only the right people access the proper data by using continual verification throughout the system. Industry and government experts recently decided to employ a zero trust architecture in all military operations. This will require frequent authentication, authorization, and validation of users. While previous policies focused on the physical device on the networks, new ones will place a matched emphasis on the users behind each.
Upgraded and continuous authentication means fortified security does not stop at entryways but throughout various checkpoints inside a network or system. Security checks will target user interactions, data tagging, and attribute-based access. It will also authenticate all devices, including computers, mobile phones, radios, and printers. As the U.S. engages in more 3D printing to make replacement parts and lightweight materials, it looks to secure devices like these on the fringes of a network, not just computers.
Cloud technology is also a major player in zero trust architecture. It’s unlimited in power, throughput, and storage, and is easier to update for streamlined operations and cybersecurity enhancements.
3. Advanced Communication Methods
Military cybersecurity operations worldwide utilize advanced messaging tools for secure and timely communications. Again, reliable and robustly defended connections are key to successful missions on the battlefield and at home base. Therefore, operatives adapt tools to meet unreliable and constrained networks.
In the desert, thousands of miles in the air, on the raging sea, or in the cold, there will likely be interruptions in network capabilities with low bitrate. Adapted messaging tools enable everything from voice, video, and text messages to travel across unreliable networks to the necessary recipients.
Additional tools like multiuser chat, data distribution, and service discovery are also crucial to military operations. Lives could be on the line if teams are not in sync or are working with outdated information.
Furthermore, military operations often utilize numerous networks for various missions, so communications must be shared effectively. Integration of companion networks without breaches is part of their plan for the future.
Securing the Future
Military cybersecurity is transforming before the world’s eyes, and there will only be additional incredible advancements. Artificial intelligence and robotics are making their way into operations, from carrying tools, to charting battle strategies. As they become more standardized in practice, they must be heavily fortified to protect mission data and the lives of their handlers and technicians.
These growing needs have some experts theorizing about the creation of a U.S. cyber force to oversee cybersecurity advancements and military operations. This could be a small group of around 5,000 personnel that can cement long-term standardized compliance requirements. At the moment, cybersecurity teams often rotate from civilian careers or act on a reactionary basis. A knowledgeable force could implement top-of-the-line results for the U.S. far into the future.
The U.S. is revamping its approach to cybersecurity in incredible ways, and the future only holds new opportunities to revitalize its digital landscape.
About the Author:
Emily Newton is the Editor-in-Chief of Revolutionized, an online magazine celebrating innovations in industry, science and technology. Subscribe to our newsletter for industry updates.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Tripwire ExpertOps
Elevate your organization's cybersecurity with Tripwire ExpertOps! Explore our managed security service now to ensure round-the-clock protection and expert guidance in safeguarding your digital assets.